A DDoS attack information fusion method based on CNN for multi-element data

Jieren Cheng, Canting Cai, Xiangyan Tang, Victor S. Sheng, Wei Guo, Mengyang Li

Research output: Contribution to journalArticlepeer-review

Abstract

Traditional distributed denial of service (DDoS) detection methods need a lot of computing resource, and many of them which are based on single element have high missing rate and false alarm rate. In order to solve the problems, this paper proposes a DDoS attack information fusion method based on CNN for multi-element data. Firstly, according to the distribution, concentration and high traffic abruptness of DDoS attacks, this paper defines six features which are respectively obtained from the elements of source IP address, destination IP address, source port, destination port, packet size and the number of IP packets. Then, we propose feature weight calculation algorithm based on principal component analysis to measure the importance of different features in different network environment. The algorithm of weighted multi-element feature fusion proposed in this paper is used to fuse different features, and obtain multi-element fusion feature (MEFF) value. Finally, the DDoS attack information fusion classification model is established by using convolutional neural network and support vector machine respectively based on the MEFF time series. Experimental results show that the information fusion method proposed can effectively fuse multi-element data, reduce the missing rate and total error rate, memory resource consumption, running time, and improve the detection rate.

Original languageEnglish
Pages (from-to)131-150
Number of pages20
JournalComputers, Materials and Continua
Volume63
Issue number1
DOIs
StatePublished - Mar 3 2020

Keywords

  • CNN
  • DDoS attack
  • Information fusion
  • Multi-element data
  • Principal component analysis

Fingerprint Dive into the research topics of 'A DDoS attack information fusion method based on CNN for multi-element data'. Together they form a unique fingerprint.

Cite this